struts2结合过滤器和cookie实现自动登录

写个过滤器要对登录页面进行过滤，如果session为空，则去cookie中去寻找相关的信息，如果找到了则加载用户的信息，然后转发到登录成功的页面。我用的是struts2实现的，cookie存放用户名和Md5加密后的密码，贴代码:

1.登录页面index.jsp

<%@ page language="java" import="java.util.*" pageEncoding="gbk"%>
<html>
<body>
<form name="form" id="form1" action="user_login.action" method="post">
用户名:
<input name="user.username" id="username" />
<br />
密码:
<input type="password" name="user.password" id="password" />
<br />
<input type="checkbox" name="autologin" value="on">
两周内自动登录
<div>
<font><font color="red"></font>${message}</font>
</div>
<br>
<input type="submit" value="登录" />
</form>
</body>
</html>

2.登录成功页面welcome.jsp

<%@ page language="java" import="java.util.*" pageEncoding="gbk"%>
<html>
</head>
<body>
登录成功!${user.username}
</body>
</html>

3.User.java

package bean;
public class User {
private int id;
private String username;
private String password;
public User() {
}
public void setPassword(String password) {
this.password = password;
}
public String getPassword() {
return password;
}
public void setUsername(String username) {
this.username = username;
}
public String getUsername() {
return username;
}
public void setId(int id) {
this.id = id;
}
public int getId() {
return id;
}
}

4.UserAction.java

package action;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
import util.DBUtil;
import util.UtilCommon;
import bean.User;
import com.opensymphony.xwork2.ActionSupport;
public class UserAction extends ActionSupport implements ServletRequestAware,
ServletResponseAware {
private User user;
private String autologin;
private HttpServletRequest request;
private HttpServletResponse response;
private HttpSession session;
private String message;
public String login() {
Cookie username, password;
session = request.getSession();
user.setPassword(UtilCommon.md5Encryption(user.getPassword()));//MD5加密
user=DBUtil.checkLogin(user);
if (user != null) {
if ("on".equals(autologin)){
// 如果用户选择了“两周内自动登录”，则向用户发送两个cookie， 一个cookie记录用户名，另一个记录密码
username = new Cookie("username", user.getUsername());
username.setMaxAge(60 * 60 * 24 * 14); // 设置Cookie有效期为14天
username.setPath("/");
response.addCookie(username);
password = new Cookie("password", user.getPassword());
password.setMaxAge(60 * 60 * 24 * 14);
password.setPath("/");
response.addCookie(password);
}
session.setAttribute("user", user);
} else {
message = "用户名或密码错误!";
return "input";
}
return "success";
}
public void setServletRequest(HttpServletRequest request) {
this.request = request;
}
public void setServletResponse(HttpServletResponse response) {
this.response = response;
}
public String getAutologin() {
return autologin;
}
public void setAutologin(String autologin) {
this.autologin = autologin;
}
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
public void setMessage(String message) {
this.message = message;
}
public String getMessage() {
return message;
}
}

5.过滤器LoginFilter.java

package filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import util.DBUtil;
import bean.User;
public class LoginFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest req, ServletResponse res,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = ((HttpServletResponse) res);
HttpSession session = request.getSession(true);
String username, password;
Cookie[] cookies;
User user = (User) session.getAttribute("user");
if (user == null) {
cookies = request.getCookies();
if (cookies != null && cookies.length > 0) {
username = getCookieValue(cookies, "username");
password = getCookieValue(cookies, "password");
if (username != null && password != null) {
user=new User();
user.setUsername(username);
user.setPassword(password);
user = DBUtil.checkLogin(user);// 加载用户信息
session.setAttribute("user", user); // user添加到session中。
request.getRequestDispatcher("/welcome.jsp").forward(request,
response);
} else {
request.getRequestDispatcher("/login.jsp").forward(request,
response);
}
} else {
request.getRequestDispatcher("/login.jsp").forward(request,
response);
}
}
chain.doFilter(req, res);
}
public void init(FilterConfig arg0) throws ServletException {
}
public String getCookieValue(Cookie[] cookies, String str) {
String result = null;
for (Cookie cookie : cookies) {
if (cookie.getName().equals(str)) {
result = cookie.getValue();
break;
}
}
return result;
}
}

6.数据库操作DBUtil.java

package util;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import bean.User;
public class DBUtil {
//取得数据库连接
public static Connection getConnection() {
Connection conn = null;
try {
Class.forName("com.mysql.jdbc.Driver");
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
System.out.println("驱动程序没有找到" + e.getMessage());
}
try {
conn = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/cookie", "root", "123");
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
System.out.println("获得连接出错!");
}
return conn;
}
public static User checkLogin(User user){
Connection con=null;
PreparedStatement ps=null;
ResultSet rs=null;
String sql="select * from users where username=? and password=?";
try{
con=getConnection();
ps=con.prepareStatement(sql);
ps.setString(1, user.getUsername());
ps.setString(2, user.getPassword());
rs=ps.executeQuery();
if(rs.next()){
user.setId(rs.getInt("id"));
user.setUsername(rs.getString("username"));
user.setPassword(rs.getString("password"));
return user;
}
rs.close();
ps.close();
con.close();
}catch(Exception e){
e.printStackTrace();
}
return null;
}
}

7.md5加密方法类UtilCommon.java

package util;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class UtilCommon {
public static String md5Encryption(String plainText) {
StringBuffer buf = new StringBuffer("");
try {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(plainText.getBytes());
byte b[] = md.digest();
int i;
for (int offset = 0; offset < b.length; offset++) {
i = b[offset];
if (i < 0)
i += 256;
if (i < 16)
buf.append("0");
buf.append(Integer.toHexString(i));
}
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//return buf.toString());// 32位的加密
return buf.toString().substring(8, 24);// 16位的加密
}
public static void main(String agrs[]) {
System.out.println(md5Encryption("123456"));
}
}

8.web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <welcome-file-list>
<welcome-file>login.jsp</welcome-file>
</welcome-file-list>
<filter>
<!-- 定义核心Filter的名字 -->
<filter-name>LoginFilter</filter-name>
<!-- 定义核心Filter的实现类 -->
<filter-class>
filter.LoginFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>struts-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter-mapping>
<filter-name>struts-cleanup</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>

9.struts.xml

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<constant name="struts.i18n.reload" value="true" />
<constant name="struts.devMode" value="false" />
<constant name="struts.configuration.xml.reload" value="true" />
<package name="default" extends="struts-default" namespace="/">
<action name="user_*" class="action.UserAction" method="{1}">
<result name="success">/welcome.jsp</result>
<result name="input">/login.jsp</result>
</action>
</package>
</struts>

10.数据库脚本

/*
SQLyog 企业版 - MySQL GUI v8.14
MySQL - 5.6.2-m5 : Database - cookie
*********************************************************************
*/
/*!40101 SET NAMES utf8 */;
/*!40101 SET SQL_MODE=''*/;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
CREATE DATABASE /*!32312 IF NOT EXISTS*/`cookie` /*!40100 DEFAULT CHARACTER SET utf8 */;
USE `cookie`;
/*Table structure for table `users` */
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(50) DEFAULT NULL,
`password` varchar(50) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
/*Data for the table `users` */
insert  into `users`(`id`,`username`,`password`) values (1,'zxc','49ba59abbe56e057');
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

工程结构图:



struts2的jar包和mysql的驱动自己加，你们懂的!